Unrated severityNVD Advisory· Published Apr 9, 2009· Updated Jun 16, 2026
CVE-2009-1144
CVE-2009-1144
Description
Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
- cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
- Range: <3.02-r2
Patches
Vulnerability mechanics
References
6- bugs.gentoo.org/show_bug.cginvdVendor Advisory
- bugs.gentoo.org/show_bug.cginvdVendor Advisory
- secunia.com/advisories/34610nvdVendor Advisory
- osvdb.org/53529nvd
- security.gentoo.org/glsa/glsa-200904-07.xmlnvd
- www.securityfocus.com/bid/34401nvd
News mentions
0No linked articles in our index yet.